Skip to main content

Orca Security discovers 'AutoWarp', cross-tenant vulnerability within Azure Automation Service

posted onMarch 7, 2022
by l33tdawg
Flickr
Credit: Flickr

Disclosure about a leak in Microsoft's Azure Automation platform back in December 2021, has recently surfaced to highlight a possible cross-tenant vulnerability within the process.

According to a report from Venture Beat, Microsoft was fortunate enough to have the exploit reported by a friendly researcher from Orca Security firm who managed to find a report the Azure Automation vulnerability before any malicious hackers were able to take advantage of the lapse in security.

Had Orca not been on the case, the vulnerability had the power to allow someone to cross from one Azure tenant to another with access to customer data and information. Orca researcher Yanir Tsarimi reported the tenant vulnerability dubbed AutoWarp, to Microsoft on December 6, 2021 and the company says it patched the exploit four days later, on December 10, 2021.

Source

Tags

Industry News

You May Also Like

Recent News

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th